#
#######################################################################
+use strict;
+
BEGIN {
- unshift @INC, "modules/YAML"; # Use our own version of YAML.
- push @INC, "modules"; # Only use our own versions of modules if there's no system version.
+ unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML).
+ push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version.
}
# setup defaults, DO NOT CHANGE
-$userspath = "users";
-$templates = "templates";
-$memberfile = "users/members";
-$sendmail = "| /usr/sbin/sendmail -t";
+$main::userspath = "users";
+$main::templates = "templates";
+$main::memberfile = "users/members";
+$main::sendmail = "| /usr/sbin/sendmail -t";
########## end ###########################################
$| = 1;
use SL::LXDebug;
-$lxdebug = LXDebug->new();
+$main::lxdebug = LXDebug->new();
-use CGI;
+use CGI qw( -no_xhtml);
+use SL::Auth;
use SL::Form;
use SL::Locale;
-eval { require "lx-erp.conf"; };
-eval { require "lx-erp-local.conf"; } if -f "lx-erp-local.conf";
+eval { require "config/lx-erp.conf"; };
+eval { require "config/lx-erp-local.conf"; } if -f "config/lx-erp-local.conf";
+
+our $cgi = new CGI('');
+our $form = new Form;
+
+our $auth = SL::Auth->new();
+if (!$auth->session_tables_present()) {
+ _show_error('login/auth_db_unreachable');
+}
+$auth->expire_sessions();
+my $session_result = $auth->restore_session();
require "bin/mozilla/common.pl";
-if (defined($latex) && !defined($latex_templates)) {
- $latex_templates = $latex;
- undef($latex);
+if (defined($main::latex) && !defined($main::latex_templates)) {
+ $main::latex_templates = $main::latex;
+ undef($main::latex);
}
-$form = new Form;
-$cgi = new CGI('');
+# this prevents most of the tabindexes being created by CGI.
+# note: most. popup menus and selecttables will still have tabindexes
+# use common.pl's NTI function to get rid of those
+local $CGI::TABINDEX = 0;
# name of this script
$0 =~ tr/\\/\//;
-$pos = rindex $0, '/';
-$script = substr($0, $pos + 1);
+my $pos = rindex $0, '/';
+my $script = substr($0, $pos + 1);
# we use $script for the language module
$form->{script} = $script;
# pull in DBI
use DBI;
-$form->{login} =~ s|.*/||;
+# locale messages
+$main::locale = new Locale($main::language, "$script");
+my $locale = $main::locale;
-# check for user config file, could be missing or ???
-eval { require("$userspath/$form->{login}.conf"); };
-if ($@) {
- $locale = new Locale "$language", "$script";
+# did sysadmin lock us out
+if (-e "$main::userspath/nologin") {
+ $form->error($locale->text('System currently down for maintenance!'));
+}
- $form->{callback} = "";
- $msg1 = $locale->text('You are logged out!');
- $msg2 = $locale->text('Login');
- $form->redirect("$msg1 <p><a href=login.pl target=_top>$msg2</a>");
+if (SL::Auth::SESSION_EXPIRED == $session_result) {
+ _show_error('login/password_error', 'session');
}
-$myconfig{dbpasswd} = unpack 'u', $myconfig{dbpasswd};
-map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset)
- unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences'));
+$form->{login} =~ s|.*/||;
+
+%main::myconfig = $auth->read_user($form->{login});
+my %myconfig = %main::myconfig;
+
+if (!$myconfig{login}) {
+ _show_error('login/password_error', 'password');
+}
# locale messages
$locale = new Locale "$myconfig{countrycode}", "$script";
-# check password
-$form->error($locale->text('Incorrect Password!'))
- if ($form->{password} ne $myconfig{password});
-
-# did sysadmin lock us out
-if (-e "$userspath/nologin") {
- $form->error($locale->text('System currently down for maintenance!'));
+if (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0)) {
+ _show_error('login/password_error', 'password');
}
+$auth->set_session_value('login', $form->{login}, 'password', $form->{password});
+$auth->create_or_refresh_session();
+
+delete $form->{password};
+
+map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset)
+ unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences'));
+
# pull in the main code
require "bin/mozilla/$form->{script}";
$form->error($locale->text('action= not defined!'));
}
+sub _show_error {
+ my $template = shift;
+ my $error_type = shift;
+ my $locale = Locale->new($main::language, 'all');
+ $form->{error} = $locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
+ $form->{error} = $locale->text('Incorrect password!.') if ($error_type eq 'password');
+ $myconfig{countrycode} = $main::language;
+ $form->{stylesheet} = 'css/lx-office-erp.css';
+
+ $form->header();
+ print $form->parse_html_template($template);
+ exit;
+}
+
# end